From bcc798bcbd84c68838dcd968b23ce32a71dad6fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Schneider?=
Date: Fri, 15 Nov 2013 10:31:30 +0100
Subject: [PATCH] eofirewall is not an init script anymore
---
 Makefile | 6 +--
 firewall => eofirewall | 86 +++++++++++++++++++++---------------------
 2 files changed, 45 insertions(+), 47 deletions(-)
 rename firewall => eofirewall (87%)
diff --git a/Makefile b/Makefile
index cb75d4f..c85e25d 100644
--- a/Makefile
+++ b/Makefile
@@ -5,16 +5,16 @@
 ## Login
 ##
-NAME=firewall
+NAME=eofirewall
 VERSION=`git describe`
 DESTDIR=
 all:
 install:
- install -d -m 0755 -o root -g root $(DESTDIR)/etc/init.d $(DESTDIR)/etc/rsyslog.d $(DESTDIR)/usr/bin
+ install -d -m 0755 -o root -g root $(DESTDIR)/etc/rsyslog.d $(DESTDIR)/usr/bin
 install -d -m 0755 -o root -g root $(DESTDIR)/etc/firewall
- install -m 0640 -o root -g root $(NAME).conf $(DESTDIR)/etc/firewall/firewall.conf.template
+ install -m 0640 -o root -g root firewall.conf $(DESTDIR)/etc/firewall/firewall.conf.template
 install -m 0640 -o root -g root rsyslog.conf $(DESTDIR)/etc/rsyslog.d
 install -m 0755 -o root -g root $(NAME) $(DESTDIR)/usr/bin
 clean:
diff --git a/firewall b/eofirewall
similarity index 87%
rename from firewall
rename to eofirewall
index cf626c0..fc90561 100755
--- a/firewall
+++ b/eofirewall
@@ -1,18 +1,8 @@
 #!/bin/bash
-### BEGIN INIT INFO
-# Provides: firewall
-# Required-Start: $remote_fs $syslog $network
-# Required-Stop: $remote_fs $syslog $network
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Iptables firewall
-# Description: An iptables firewall
-### END INIT INFO
-
 . /lib/lsb/init-functions
-NAME="firewall"
+NAME="eofirewall"
 abort()
 {
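Review bot: With the `### BEGIN INIT INFO` block removed from the top of `eofirewall`, nothing visible in this patch records what is now expected to run `eofirewall load` at boot, so a host could come up with no ruleset applied until someone runs it by hand. A short header comment after the shebang would document the intended trigger, for example `# Not an init script: "eofirewall load" must be called by the boot-time network hook or service unit.` The script still sources `/lib/lsb/init-functions`, so the same comment could note that the LSB helpers remain a runtime dependency. `abort()` continues past the end of this hunk.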
@@ -353,50 +343,58 @@ start()
 }
+load()
+{
+ log_daemon_msg "Loading rules from /etc/network/iptables-save"
+ if [ -f /etc/network/iptables-save ]; then
+ iptables-restore < /etc/network/iptables-save
+ else
+ log_warning_msg "No iptables rules saved please use test and save script options"
+ fi
+}
+
+test_rules()
+{
+ log_action_msg "Testing new rules"
+ log_action_msg "You have 30 seconds to test your new rules"
+ start || exit 1
+ log_end_msg 0
+ log_action_msg "... Please test your rules"
+ sleep 30
+ log_action_msg "---- The test is finished ----"
+ if [ -f /etc/network/iptables-save ]; then
+ iptables-restore < /etc/network/iptables-save
+ log_action_msg "Old rules restored"
+ else
+ flush
+ log_action_msg "Rules flushed"
+ fi
+ log_action_msg "If you are happy with this new rules please use save option"
+}
+
+
 case "$1" in
- start|restore)
- log_daemon_msg "Starting firewall"
- if [ -f /etc/network/iptables-save ]; then
- iptables-restore < /etc/network/iptables-save
- else
- log_warning_msg "No iptables rules saved please use test and save script options"
- fi
- log_end_msg 0
- ;;
- stop)
- log_daemon_msg "Stopping firewall"
- clean || exit 1
- log_end_msg 0
+ load|restore)
+ load || exit 1
 ;;
 test)
- log_action_msg "Testing new rules"
- log_action_msg "You have 30 seconds to test your new rules"
- start || exit 1
- log_end_msg 0
- log_action_msg "... 
Please test your rules"
- sleep 30
- log_action_msg "---- The test is finished ----"
- if [ -f /etc/network/iptables-save ]; then
- iptables-restore < /etc/network/iptables-save
- log_action_msg "Old rules restored"
- else
- flush
- log_action_msg "Rules flushed"
- fi
- log_action_msg "If you are happy with this new rules please use save option"
+ test_rules || exit 1
 ;;
 save)
- log_action_msg "Starting and saving new rules"
+ log_daemon_msg "Loading new rules"
 start || exit 1
+ log_daemon_msg "Saving new rules to /etc/network/iptables-save"
 iptables-save > /etc/network/iptables-save
- log_end_msg 0
 ;;
 flush)
- flush
+ flush || exit 1
+ ;;
+ clean)
+ clean || exit 1
 ;;
 *)
- N=/etc/init.d/$NAME
- echo "Usage: $N {start|restore|save|test|stop}"
+ N=/usr/bin/$NAME
+ echo "Usage: $N {restore|load|save|test|clean|flush}"
 exit 2
 ;;
 esac
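Review bot: `load()` reports success when `/etc/network/iptables-save` is missing, because its `else` branch only calls `log_warning_msg` (which presumably returns 0), so `load || exit 1` in the `case` still exits 0 and the caller cannot tell that no ruleset was applied. Adding `return 1` after the warning lets whatever invokes `eofirewall load` treat a missing ruleset as a failure. The `save` branch has a related gap: `iptables-save > /etc/network/iptables-save` truncates the stored ruleset before the command runs and its exit status is never checked, so a failed save leaves a damaged file for the next `load`. Writing to a sibling file and renaming on success avoids that, e.g. `iptables-save > /etc/network/iptables-save.new && mv /etc/network/iptables-save.new /etc/network/iptables-save || exit 1`. `start()` closes at the top of this hunk but begins outside it.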